VulnerableCode Package Details - pkg:rpm/redhat/openstack-cinder@2014.2.4-11?arch=el7ost

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/openstack-cinder@2014.2.4-11?arch=el7ost

purl	pkg:rpm/redhat/openstack-cinder@2014.2.4-11?arch=el7ost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-zy9m-d25c-5uga Aliases: CVE-2015-5162 GHSA-g2j5-7vgx-6xrx	OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. oslo.concurrency has been updated to support process limits ('prlimit'), which is needed to fix this flaw.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:40:35.383663+00:00	RedHat Importer	Affected by	VCID-zy9m-d25c-5uga	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5162.json	38.0.0